Document/support CSRF protection
Cito opened this issue · 0 comments
Cito commented
It should be documented that GraphQL endpoints providing mutations must be protected against CSRF attacks, and how this can be achieved. Maybe pyramid.csrf be combined with webob-graphql?